Fix CVEs CVE-2024-4741 CVE-2024-5535

2026-05-24 09:28:37 +00:00 · 2024-07-02 13:33:42 +01:00 · 2024-07-02 13:33:42 +01:00 · 2e978237d1
commit 2e978237d1
parent 61dc0a2fba
3 changed files with 3 additions and 2 deletions
--- a/src/autoconf/Dockerfile
+++ b/src/autoconf/Dockerfile
@ -62,7 +62,7 @@ RUN apk add --no-cache bash && \

 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
-RUN apk add --no-cache "libcrypto3>=3.1.5-r0" "libssl3>=3.1.5-r0" # CVE-2024-4603
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535

 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"
--- a/src/scheduler/Dockerfile
+++ b/src/scheduler/Dockerfile
@ -70,6 +70,7 @@ COPY --chown=root:scheduler --chmod=770 src/bw/misc/country.mmdb /var/tmp/bunker

 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" "openssl>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535

 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"
--- a/src/ui/Dockerfile
+++ b/src/ui/Dockerfile
@ -63,7 +63,7 @@ RUN apk add --no-cache bash unzip libmagic mariadb-client postgresql-client sqli

 # Fix CVEs
 RUN apk add --no-cache "busybox>=1.36.1-r17" "busybox-binsh>=1.36.1-r17" "ssl_client>=1.36.1-r17" # CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-42366
-RUN apk add --no-cache "libcrypto3>=3.1.5-r0" "libssl3>=3.1.5-r0" # CVE-2024-4603
+RUN apk add --no-cache "libcrypto3>=3.1.6-r0" "libssl3>=3.1.6-r0" # CVE-2024-4741 CVE-2024-5535

 LABEL maintainer="Bunkerity <contact@bunkerity.com>"
 LABEL version="1.5.9"